In the war over cybersecurity, technical skill is never enough.

The wildly popular podcast Reply All has an especially memorable episode called The Snapchat Thief. A young woman named Lizzie has her Snapchat login stolen while she’s on vacation in the Appalachian Mountains. The culprit is a bored young high schooler, who does the deed from his mother’s house on the West Coast. He then sells her username to another young man who simply gives it to his girlfriend as a gift. The two teenagers circumvented Snapchat’s world-class cybersecurity in the most simple yet ingenious way: by telling Lizzie’s cell phone provider to transfer her phone number to a new SIM card, then by asking Snapchat to text them a code to reset the password to Lizzie’s account.

This story illustrates three disturbing realities about cyber security. First, everyone will be victimized: even the most well-funded Silicon Valley startups are hacked all the time with increasingly creative strategies. Second, anyone anywhere in the world can hack any one of your devices at any time, whether from Paris, New York, or Timbuktu. Third, hackers aren’t necessarily the evil geniuses or basement-dwelling savants of TV: they could be the person next door who just wants some cash or something to do. They may or may not care if their actions destroy your life.

It’s easy to forget that cybersecurity is ultimately a people problem, and that’s what makes it such a difficult one. Hackers aren’t just technical thinkers; they’re also creative, and it takes other creative minds as well as excellent technical skills to combat their actions. Cybersecurity isn’t just a science; it’s also an art.

This is why it’s so difficult to train, recruit, and retain cybersecurity experts. Many people are able to master technical skills, many master creative skills, but exceptionally few are able to master both. Building skillful cybersecurity teams is a constant task that itself requires other skillful teams, and failing to recognize this sets the stage for security failures. As cybersecurity expert Michael Daniel wrote in the Harvard Business Review, “As long as we treat cybersecurity as a technical problem that should have easy technical solutions, we will continue to fail.”

And the cybersecurity war changes quickly. By the time college courses are developed, and bright young students are able to complete them, new kinds of security breaches are discovered, and completely new solutions have to be developed. The field is still in its infancy: while long-established protocols exist in physical security fields, the world wide web is still, in many ways, a lawless frontier. It’s extremely difficult to predict how attacks will happen, and by the time they do, it can be too late.

But while how cyber attacks will happen is impossible to predict, one thing is certain: they will happen. Cybersecurity is a challenge that’s never really over; it’s only ever over for now.

Companies that understand the creative and technical challenges of cybersecurity will staff their teams with creative technical experts. When the next round of cyberattacks inevitably comes around, they will be far more likely to survive, while the ones that fail to recognize the need for creative skill will crash and burn.

When your turn comes, will your team be ready?